set('Core', 'Encoding', 'UTF-8'); // replace with your encoding $config->set('HTML', 'Doctype', 'XHTML 1.0 Transitional'); // replace with your doctype $purifier = new HTMLPurifier($config); // untrusted input HTML $html = 'Simple and short'; $pure_html = $purifier->purify($html); echo '
' . htmlspecialchars($pure_html) . '
';